We saw an example of request and session scoped beans earlier. We saw how the ApplicationContext was used to get access to these beans. However making the code ApplicationContextAware may not be an acceptable solution.Who would be keen to have Spring's core classes intruding into the code ? Knowing this Spring does provide us with an alternative solutions involving AOP.
Showing posts with label Spring. Show all posts
Showing posts with label Spring. Show all posts
Monday, 21 April 2014
Sunday, 13 April 2014
Request and Session Scope
I have never used a request scoped bean. Always Singleton. And once I dabbled with Prototype but that too never went beyond the prototype stage.
I can't really think of a scenario where I might need request or session scoped beans (yet!). The job is generally achieved with stateless singleton beans and data in request and session attributes.
Anyway I decided to try out a request scoped bean.
I can't really think of a scenario where I might need request or session scoped beans (yet!). The job is generally achieved with stateless singleton beans and data in request and session attributes.
Anyway I decided to try out a request scoped bean.
Sunday, 2 February 2014
Views in ModelAndView
We had an interesting scenario in our code. It all started out when we had this complex controller that included methods specific to a certain flow. In case of any exception, we used an error handler to redirect the flow to an error page. The code would be along the lines of
Thursday, 5 December 2013
Listening for Session creation
With Spring security session creation and destruction is managed by the framework. Along with the session management code, we often tend to have some other activities performed. For e.g. I would like a count of the sessions created. As the code is now within Spring how do we add our audit code ? In a simple application the solution would be to add a HttpSessionListener.
Tuesday, 3 December 2013
DelegatingFilterProxy And Spring Security
We saw an example of the GenericFilterBean earlier. While the class included some nifty techniques from Spring, it isn't really a part of the Spring Environment. We saw how to get access to the Spring Environment we had to
Wednesday, 27 November 2013
Spring Security And Authorization
In a Java Web application, where authorization is involved, roles come into the picture. If a request is authorized to access a particular resource, then only will the Servlet Container allow it to work with the resource. How is the authorization decision made ?
Friday, 22 November 2013
Remember Me... Spring Security
Login page in most web applications have a small check-box that says "Remember Me". Nothing new there. The cool part is spring security comes with this functionality ready made.
I decided to use the default login form to test the feature:
I decided to use the default login form to test the feature:
Saturday, 19 October 2013
Logout Settings in Spring Security
We have seen how to configure login behavior for our application. How to let Spring manage authentication, session creation, authorization etc.The logical end to the flow would be to logout. A normal logout would involve releasing any resources, destroying sessions etc - and a logout page.
Thursday, 17 October 2013
form-login Custom Options
In the previous post we saw how to set the login page as a custom one. There are other configuration options available too. For instance:
<form-login login-page="/login.jsp" authentication-failure-url="loginError.jsp"/>If now login fails, then user will be redirected to the above failure URL. Consider the logs generated when I entered invalid credentials:
Wednesday, 16 October 2013
Spring Security - The Login Flow
In the last post we saw how Spring security can be used to secure web applications. I used both the form login and the basic login to get the user authentication done.
While basic login is pretty much client system dependent, the form login can be tweaked and customized. I decided to try out the options.
While basic login is pretty much client system dependent, the form login can be tweaked and customized. I decided to try out the options.
Thursday, 26 September 2013
Method Injection in Spring
I knew Spring supports two types of injection - setter and constructor. I had
also heard of a third type called method injection. But having never
come across a use case for the same, I pretty much ignored it. Until I gave an interview.
All was going well until this question came along:
"You have a singleton bean. Is there a way to inject a new bean X into this class whenever you call the getX property of this bean ?"
I was pretty flummoxed. Later on I hunted on the web and came across this post by Rod Johnson.
The below post is an adaption from the same to focus on the interviewer's question.
All was going well until this question came along:
"You have a singleton bean. Is there a way to inject a new bean X into this class whenever you call the getX property of this bean ?"
I was pretty flummoxed. Later on I hunted on the web and came across this post by Rod Johnson.
The below post is an adaption from the same to focus on the interviewer's question.
Friday, 20 September 2013
The c namespace
With the growth of annotations XML configuration files continue to reduce in size (In some cases they have disappeared). I have never really been a fan of Annotations, especially those that bring in information that was best left outside Java code.
Monday, 16 September 2013
BeanFactory and Inheritance
Inheritance of Beans is a feature available in Spring Bean Factories. I decided to try the same using Spring's BeanFactory.
Monday, 9 September 2013
Different Message Formats in Spring MVC
In an earlier post we saw how Spring depended on MessageConverters to convert the request stream to java object and also the java objects to appropriate response formats.
As we had defined a Jackson converter, our controller's return objects were converted by the DispatcherServlet to JSON.
As we had defined a Jackson converter, our controller's return objects were converted by the DispatcherServlet to JSON.
Tuesday, 3 September 2013
Exception Handling in Spring REST calls
I earlier did a post on error handling in Spring web applications. It was related to generating views for errors. But in a REST application we would prefer to return error codes or error JSON message. While the earlier style can be still used here to write out an appropriate JSON error response, Spring MVC provides other mechanisms to handle errors.
Sunday, 11 August 2013
Spring Security
All projects I have worked on included login. And roles. They were built using database tables or third party applications like LDAP or service based authentication. However the new projects starting now are going ahead with Spring Security. As I have no idea about it, I decided to give a go at understanding Spring Security.
I decided to first do a small simple web application and enable the security for it. Not spring based, simple Servlet style security.
I decided to first do a small simple web application and enable the security for it. Not spring based, simple Servlet style security.
Friday, 26 July 2013
Filters and Spring
I guess we have all used filters in our web applications. With the arrival of spring and its very solid front controller, code that was in filters is most of the time placed in Spring interceptors. But that does not mean that we cannot add a filter.
Thursday, 11 July 2013
Combine CREATE and UPDATE operations in REST
I was searching the net on good practices for developing RestFull services when I came across this interesting discussion on stack overflow:
The question was "Should we use PUT or POST for Create Resource ?"
The question was "Should we use PUT or POST for Create Resource ?"
Monday, 8 July 2013
POST with a location
IN the last few posts I have been trying out Springs REST API. For the create operation we had used a POST call. The API would take an user
resource, create it and return the user resource in the response stream.
Saturday, 15 June 2013
Using Spring's RestTemplate class
In an earlier post we saw how to work create REST services using Spring. For testing the same we used a RESTClient Plugin available with Firefox.
It is often the case that we need our test code to be in Java so that it can be reused by others too. Spring provides us with an easy to use Rest Service client that can be used in our code.
It is often the case that we need our test code to be in Java so that it can be reused by others too. Spring provides us with an easy to use Rest Service client that can be used in our code.
Subscribe to:
Comments (Atom)